<?php
//Include the 2 important files
require_once("functions.php");
require_once("Connections/cnn.php");

$timezone = +7;
$time = gmdate("Y-m-d H:i:s", time() + 3600*($timezone+date("I")));

if($_REQUEST['validterm'] == "validterm")
{
	//Check required values;
	if(empty($_REQUEST['firstname']))
	{
		$errorMsg = "First Name cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	if(empty($_REQUEST['lastname']))
	{
		$errorMsg = "Last Name cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	if(empty($_REQUEST['email']))
	{
		$errorMsg = "Email cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	if(empty($_REQUEST['email']))
	{
		$errorMsg = "Email cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	if(empty($_REQUEST['password']))
	{
		$errorMsg = "Password cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	if(empty($_REQUEST['idcard']))
	{
		$errorMsg = "ID Card cannot blank";
		RedirectMsg('register.php?errorMsg='."$errorMsg".'');
	}
	//End Check required values;
	
	//Check Email existed
	$sqlcheck = " SELECT Email FROM Members WHERE Email = '{$_REQUEST['email']}' ";
	$checkRS = @mysql_query("$sqlcheck");
	
	if(!(MD5($_REQUEST['password']) == MD5($_REQUEST['repassword'])))
	{
		$errorMsg = "Passwords are not matched";
		RedirectMsg($errorMsg,'register.php');
	}
	
	if(@mysql_num_rows($checkRS) > 0)
	{
		$errorMsg = "Email has been existed";
		RedirectMsg($errorMsg,'register.php');
	}
	else
	{
		//Declare SQL Query
		$EncryptPass = MD5($_REQUEST['password']);
		$sqlinsert = "INSERT Members 
			(
			Firstname	, 
			Lastname	, 	 
			Email 		,	
			Password 	,
			DayJoin		,	
			Gender 		,	
			IDcard 			
			)
			VALUES 
			(
			'{$_REQUEST['firstname']}'		,
			'{$_REQUEST['lastname']}'		,
			'{$_REQUEST['email']}'			,
			'{$EncryptPass}'				,
			'{$time}'						,
			'{$_REQUEST['gender']}'			, 
			'{$_REQUEST['idcard']}' 
			);";
			
		$ExecQuery = @mysql_query("$sqlinsert");
		if($ExecQuery)
		{
			$errorMsg = "Register sucessfully";
			RedirectMsg($errorMsg,'login.php');
		}
		else
		{
			$errorMsg = "Register fail";
			RedirectMsg($errorMsg,'register.php');
		}	
	}	
}
else
{
	$errorMsg = "You must agree to the terms of use";
	Redirect('register.php?errorMsg='."$errorMsg".'');		
}

?>